public ActionResult Login(LoginCredentials credentials, string returnUrl)
{
var account = Account;
if (!ModelState.IsValid)
{
ErrorMessage = "Email address is not valid.";
return View("Index", new MainViewModel(account).WithAccountAccessBase(credentials));
}
ValidateLoginCredentials storedCredentials;
using (Session)
{
storedCredentials = Session.Query<Account, IndexEmail>()
.Where(x => x.Email == credentials.Email)
.AsEnumerable()
.Select(x => new
ValidateLoginCredentials(x.Password.HashedPassword, x.Password.Salt,
x.Id))
.SingleOrDefault();
}
if (storedCredentials == null)
{
ErrorMessage = string.Format("Your password does not match. <a href='{0}'>{1}</a> your password.",
Url.Action("PasswordReset", "AccountAccess", new
{
email = credentials.Email
}, "http"),
"Reset");
return View("Index", new MainViewModel(account)
.WithAccountAccessBase(credentials));
}
var task =
CommandExecutor.ExecuteCommand(new ValidateUserPasswordCommand(credentials.Password, storedCredentials));
if (!task.Result)
{
ErrorMessage = string.Format("Your password does not match. <a href='{0}'>{1}</a> your password.",
Url.Action("PasswordReset", "AccountAccess", new
{
email = credentials.Email
}, "http"),
"Reset");
return View("Index", new MainViewModel(account)
.WithAccountAccessBase(credentials));
}
FormsAuthentication.SignIn(storedCredentials.Id);
App.ResetOutputCache();
ActionResult redirect;
if (RedirectToReturnUrl(returnUrl, out redirect))
{
return redirect;
}
return RedirectToRoute("secure", new
{
Controller = "Home"
});
}
public ActionResult Register(LoginCredentials registrationData)
{
var account = Account;
if (!ModelState.IsValid)
{
ErrorMessage = "Email address is not valid.";
return View("Index", new MainViewModel(account)
.WithAccountAccessBase(registrationData));
}
if (Session.Query<Account, IndexEmail>()
.Any(x => x.Email == registrationData.Email))
{
ErrorMessage = "Email address is already in use.";
return View("Index", new MainViewModel(account)
.WithAccountAccessBase(registrationData));
}
var task = CommandExecutor.ExecuteCommand(new HashPasswordCommand(registrationData.Password));
var confirmationKey = CommandExecutor.ExecuteCommand(new GenerateUniqueConfirmationKeyCommand(Session));
var newAccount = new Account
{
Email = registrationData.Email,
Password = task.Result,
Confirmation = new EmailConfirmation(confirmationKey),
KeyQuota = new KeyQuota(App.KeySoftLimit)
};
Session.Store(newAccount);
FormsAuthentication.SignIn(newAccount.Id);
var url = Url.Action("Confirm", "Profile", new
{
newAccount.Confirmation.Key
},
"http");
CommandExecutor.ExecuteCommand(new SendConfirmationEmailCommand(newAccount, url));
return RedirectToRoute("secure", new
{
Controller = "Profile"
});
}
